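// Source: github.com/jcmturner/gokrb5/v8@v8.4.4/messages/Ticket_test.go

package messages

import (
	"bytes"
	"encoding/hex"
	"fmt"
	"log"
	"testing"
	"time"

	"github.com/jcmturner/gokrb5/v8/iana"
	"github.com/jcmturner/gokrb5/v8/iana/addrtype"
	"github.com/jcmturner/gokrb5/v8/iana/adtype"
	"github.com/jcmturner/gokrb5/v8/iana/nametype"
	"github.com/jcmturner/gokrb5/v8/iana/trtype"
	"github.com/jcmturner/gokrb5/v8/keytab"
	"github.com/jcmturner/gokrb5/v8/test/testdata"
	"github.com/jcmturner/gokrb5/v8/types"
	"github.com/stretchr/testify/assert"
)

// Every case in this listing feeds a well-formed, hex-encoded vector from the
// testdata package to the decoder. Ticket and EncTicketPart are parsed from
// bytes that arrive over the network, so truncated or malformed input deserves
// its own negative tests; none are visible in this listing.

// TestUnmarshalTicket decodes the reference ticket vector and checks every
// field of the outer (unencrypted) Ticket structure against the testdata
// constants.
func TestUnmarshalTicket(t *testing.T) {
	t.Parallel()

	raw, err := hex.DecodeString(testdata.MarshaledKRB5ticket)
	if err != nil {
		t.Fatalf("Test vector read error: %v", err)
	}
	var tkt Ticket
	if err := tkt.Unmarshal(raw); err != nil {
		t.Fatalf("Unmarshal error: %v", err)
	}

	assert.Equal(t, iana.PVNO, tkt.TktVNO, "Ticket version number not as expected")
	assert.Equal(t, testdata.TEST_REALM, tkt.Realm, "Realm not as expected")
	// The failure message used to say "CName" although the field under test is SName.
	assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, "SName NameType not as expected")
	assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), "SName does not have the expected number of NameStrings")
	assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, "SName name strings not as expected")
	assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, "Etype of Ticket EncPart not as expected")
	// NOTE(review): the expected key version number is spelled as iana.PVNO (the
	// protocol version constant); presumably the vector's kvno just has the same
	// numeric value. Confirm against the test vector.
	assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, "KNVO of Ticket EncPart not as expected")
	assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, "Cipher of Ticket EncPart not as expected")
}

// TestUnmarshalEncTicketPart decodes the EncTicketPart vector that carries all
// optional fields and checks flags, session key, client identity, transited
// encoding, the four timestamps, client addresses and authorization data.
func TestUnmarshalEncTicketPart(t *testing.T) {
	t.Parallel()

	raw, err := hex.DecodeString(testdata.MarshaledKRB5enc_tkt_part)
	if err != nil {
		t.Fatalf("Test vector read error: %v", err)
	}
	var etp EncTicketPart
	if err := etp.Unmarshal(raw); err != nil {
		t.Fatalf("Unmarshal error: %v", err)
	}
	// Parse the test time value into a time.Time type. A parse failure would
	// otherwise leave a zero time that every timestamp assertion is compared to.
	tt, err := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)
	if err != nil {
		t.Fatalf("Test time parse error: %v", err)
	}

	assert.Equal(t, "fedcba98", hex.EncodeToString(etp.Flags.Bytes), "Flags not as expected")
	assert.Equal(t, int32(1), etp.Key.KeyType, "Key type not as expected")
	assert.Equal(t, []byte("12345678"), etp.Key.KeyValue, "Key value not as expected")
	assert.Equal(t, testdata.TEST_REALM, etp.CRealm, "CRealm not as expected")
	assert.Equal(t, nametype.KRB_NT_PRINCIPAL, etp.CName.NameType, "CName type not as expected")
	assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, etp.CName.NameString, "CName string entries not as expected")
	assert.Equal(t, trtype.DOMAIN_X500_COMPRESS, etp.Transited.TRType, "Transisted type not as expected")
	assert.Equal(t, []byte("EDU,MIT.,ATHENA.,WASHINGTON.EDU,CS."), etp.Transited.Contents, "Transisted content not as expected")
	assert.Equal(t, tt, etp.AuthTime, "Auth time not as expected")
	assert.Equal(t, tt, etp.StartTime, "Start time not as expected")
	assert.Equal(t, tt, etp.EndTime, "End time not as expected")
	assert.Equal(t, tt, etp.RenewTill, "Renew Till time not as expected")
	assert.Equal(t, 2, len(etp.CAddr), "Number of client addresses not as expected")
	for i, addr := range etp.CAddr {
		assert.Equal(t, addrtype.IPv4, addr.AddrType, fmt.Sprintf("Host address type not as expected for address item %d", i+1))
		assert.Equal(t, "12d00023", hex.EncodeToString(addr.Address), fmt.Sprintf("Host address not as expected for address item %d", i+1))
	}
	// Without this guard the loop below passes vacuously if the decoder drops
	// the authorization data altogether.
	assert.NotEmpty(t, etp.AuthorizationData, "Authorization data should be present")
	for i, ele := range etp.AuthorizationData {
		assert.Equal(t, adtype.ADIfRelevant, ele.ADType, fmt.Sprintf("Authorization data type of element %d not as expected", i+1))
		assert.Equal(t, []byte(testdata.TEST_AUTHORIZATION_DATA_VALUE), ele.ADData, fmt.Sprintf("Authorization data of element %d not as expected", i+1))
	}
}

// TestUnmarshalEncTicketPart_optionalsNULL decodes the EncTicketPart vector
// named "OptionalsNULL" and checks the fields that are asserted here: flags,
// session key, client identity, transited encoding, auth time and end time.
//
// NOTE(review): StartTime, RenewTill, CAddr and AuthorizationData are checked
// by the full-vector test but not here, and nothing asserts that they decode
// as absent. Consider asserting their zero values once the decoder's
// representation of an omitted OPTIONAL field is confirmed.
func TestUnmarshalEncTicketPart_optionalsNULL(t *testing.T) {
	t.Parallel()

	raw, err := hex.DecodeString(testdata.MarshaledKRB5enc_tkt_partOptionalsNULL)
	if err != nil {
		t.Fatalf("Test vector read error: %v", err)
	}
	var etp EncTicketPart
	if err := etp.Unmarshal(raw); err != nil {
		t.Fatalf("Unmarshal error: %v", err)
	}
	// Parse the test time value into a time.Time type; fail early rather than
	// compare against a zero time.
	tt, err := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)
	if err != nil {
		t.Fatalf("Test time parse error: %v", err)
	}

	assert.Equal(t, "fedcba98", hex.EncodeToString(etp.Flags.Bytes), "Flags not as expected")
	assert.Equal(t, int32(1), etp.Key.KeyType, "Key type not as expected")
	assert.Equal(t, []byte("12345678"), etp.Key.KeyValue, "Key value not as expected")
	assert.Equal(t, testdata.TEST_REALM, etp.CRealm, "CRealm not as expected")
	assert.Equal(t, nametype.KRB_NT_PRINCIPAL, etp.CName.NameType, "CName type not as expected")
	assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, etp.CName.NameString, "CName string entries not as expected")
	assert.Equal(t, trtype.DOMAIN_X500_COMPRESS, etp.Transited.TRType, "Transisted type not as expected")
	assert.Equal(t, []byte("EDU,MIT.,ATHENA.,WASHINGTON.EDU,CS."), etp.Transited.Contents, "Transisted content not as expected")
	assert.Equal(t, tt, etp.AuthTime, "Auth time not as expected")
	assert.Equal(t, tt, etp.EndTime, "End time not as expected")
}

// TestMarshalTicket round-trips the reference ticket vector: the bytes produced
// by Marshal must equal the bytes that were fed to Unmarshal.
func TestMarshalTicket(t *testing.T) {
	t.Parallel()

	raw, err := hex.DecodeString(testdata.MarshaledKRB5ticket)
	if err != nil {
		t.Fatalf("Test vector read error: %v", err)
	}
	var tkt Ticket
	if err := tkt.Unmarshal(raw); err != nil {
		t.Fatalf("Unmarshal error: %v", err)
	}
	encoded, err := tkt.Marshal()
	if err != nil {
		t.Fatalf("Marshal of ticket errored: %v", err)
	}
	assert.Equal(t, raw, encoded, "Marshalled bytes not as expected")
}

// TestAuthorizationData_GetPACType_GOKRB5TestData runs GetPACType on a ticket
// whose DecryptedEncPart is filled in directly with unmarshaled authorization
// data, so ticket decryption itself is not exercised here. It then checks the
// PAC buffer count, version and the presence of the individual info buffers.
//
// The keytab comes from the testdata package and is fixture key material for
// the TEST.GOKRB5 realm only.
func TestAuthorizationData_GetPACType_GOKRB5TestData(t *testing.T) {
	t.Parallel()

	raw, err := hex.DecodeString(testdata.MarshaledPAC_AuthorizationData_GOKRB5)
	if err != nil {
		t.Fatalf("Test vector read error: %v", err)
	}
	var authData types.AuthorizationData
	if err := authData.Unmarshal(raw); err != nil {
		t.Fatalf("Error unmarshaling test data: %v", err)
	}
	tkt := Ticket{
		Realm: "TEST.GOKRB5",
		EncPart: types.EncryptedData{
			EType: 18,
			KVNO:  2,
		},
		DecryptedEncPart: EncTicketPart{
			AuthorizationData: authData,
		},
	}

	// Fail on a broken keytab fixture instead of letting it surface later as a
	// misleading PAC error.
	ktBytes, err := hex.DecodeString(testdata.KEYTAB_SYSHTTP_TEST_GOKRB5)
	if err != nil {
		t.Fatalf("Keytab test vector read error: %v", err)
	}
	kt := keytab.New()
	if err := kt.Unmarshal(ktBytes); err != nil {
		t.Fatalf("Error unmarshaling keytab: %v", err)
	}

	sname := types.PrincipalName{NameType: nametype.KRB_NT_PRINCIPAL, NameString: []string{"sysHTTP"}}
	// Capture GetPACType's log output so it can be shown when the call fails.
	logBuf := bytes.NewBufferString("")
	l := log.New(logBuf, "", 0)
	// NOTE(review): presumably the keytab and sname select the service key used
	// while processing the PAC; confirm against GetPACType.
	isPAC, pac, err := tkt.GetPACType(kt, &sname, l)
	if err != nil {
		t.Log(logBuf.String())
		// Stop here: the assertions below would only add noise about a PAC
		// that was never processed successfully.
		t.Fatalf("error getting PAC: %v", err)
	}
	assert.True(t, isPAC, "PAC should be present")
	assert.Equal(t, 5, len(pac.Buffers), "Number of buffers not as expected")
	assert.Equal(t, uint32(5), pac.CBuffers, "Count of buffers not as expected")
	assert.Equal(t, uint32(0), pac.Version, "PAC version not as expected")
	assert.NotNil(t, pac.KerbValidationInfo, "PAC Kerb Validation info is nil")
	assert.NotNil(t, pac.ClientInfo, "PAC Client Info info is nil")
	assert.NotNil(t, pac.UPNDNSInfo, "PAC UPN DNS Info info is nil")
	assert.NotNil(t, pac.KDCChecksum, "PAC KDC Checksum info is nil")
	assert.NotNil(t, pac.ServerChecksum, "PAC Server checksum info is nil")
}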